Randstad Cyber Security Engineer in Worcester, Massachusetts

Cyber Security Engineer


Worcester, MA

Date Posted:

Wednesday, October 12, 2016

Job Type:


Reference #:



Randstad Technologies

apply now


Cyber Security Engineer

We are seeking an innovative and critical thinker who thrives in an environment where their ideas and actions have an immediate and positive impact. You will be joining our newly constructed Information Security Team, helping to align efficient and customer focused solutions with cutting edge security tools.

You will work closely with key stakeholders across the campus, leading the effort to enhance our Information Security program in ways that ensure best in class security protection while enabling our employees and students to excel.

As a member of our Information Technology Department, you will join a dynamic team of dedicated individuals committed to delivering forward thinking solutions with a focus on continuous improvement.


Develop and implement information security programs that address people, process and technology risks

  • Work closely with other Information Technology (IT) teams to architect secure and design and implement a defense-in-depth information security tools for optimal threat protection, monitoring and incident response

  • Develop and maintain threat management processes for the University, including computer forensics and necessary chain of custody requirements

  • Investigate potetial security incidents using forensically sound methods and techniques

  • Lead security requirements and controls development initiatives ensuring integrity in security analysis, quality and timeliness in customer deliverables

  • Develop and implement critical technology based security programs for identifying, correlating and remediating security threats and vulnerabilities

  • Develop innovative and secure solutions and provide guidance for University stakeholders

  • Monitor and advise on information security compliance related to IT to ensure internal security controls are functioning appropriately

  • Play a lead role in the development of technical information security policies and standards based on industry best practices and compliance requirements including HIPAA, HITECH, FERPA, FISMA, PCI etc.

  • Work with security and IT stakeholders to implement a risk management program that allows for the identification and remediation of information security risks

  • Collaborate with IT Management, University leadership, general counsel, and public safety to manage security threats and vulnerabilities

  • Develop and implement a secure coding and scanning program

  • Develop and promote technical training to create information security awareness and aptitude within the organization

  • Provide direct training and oversight to staff, business partners, or other third-parties

  • Develop and promote secure architectural options for the University working closely with IT and business leadership

  • Review and approve all system-related security plans

  • Monitor compliance with information security policies and procedures, referring problems to the appropriate department manager

  • Coordinate the UMMS activities of the Information Security Committee

  • Advise the organization about information security threats, technologies and related regulatory requirements

  • Develop and implement information security metrics, measurement criteria and reporting to ensure compliance and continuous improvement

  • Perform other duties as required


  • Bachelor s degree in an Information Technology, Information Security discipline or equivalent experience

  • 6 years of experience in a technically advanced, thought leadership role in Information Security

  • Demonstrated experience in the successful development and implementation of enterprise-wide information security programs which reduce risk, in protecting PHI in compliance with HIPAA, HITECH, FISMA, etc., and in architecting forward-thinking security solutions

  • Experience with network penetration testing, vulnerability assessment, and application scanning

  • Demonstrated competence implementing and managing Log Aggregation and SEIM technologies (Splunk or similar)

  • Demonstrated competence implementing Vulnerability Management tools (Qualys, NCircle, etc)

  • Demonstrated knowledge of network, application and system technology and security issues, resolution, and counter-measures

  • Demonstrated knowledge in end-point protection solutions (AV, encryption, etc)

  • Excellent oral and written communication skills

  • Ability to collaborate with IT, executive management, and business stakeholders towards achieving business and security objectives

  • Industry recognized information certification such as CRISC or CISSP

  • Ability to travel to off-site locations


  • Additional information security management qualifications such as GSEC, CISM or CISA

  • Experience in a higher education environment

  • Demonstrative knowledge of information security standards such as ISO/IEC 27000, NIST, FISMA, PCI, etc.

    apply now